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DETAILED ACTION 

1 . Claims 1 -1 8 are presented for examination 

Claim Objections 

2. Claim 14 objected to because of the following informalities: Applicant states 
"Application of the method according to claim 1 0 for automatic filtering of a set of 
programs relative to a given set of validity criteria". Examiner suggests it should read 
as "The method according to claim 10....". Appropriate correction is required. 

Claim Rejections - 35 USC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims1-14, 16-18 rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 1, line 8-10 recites events which may occur during possible executions of 
the program. Claim 16, Page: 11, line 16 recites possible executions of the programs; 
Page: 12, lines 1, 4, 5, 14, 16, 17, Claim language "possible" is unclear. Appropriate 
action required. 

5. Claim 1 recites the limitation that has insufficient antecedent basis below: 

the structure of the program (Page 4, line 8) 

the possible execution path of.. (Page 4, line 9) 

the values of the possible data (Page 4, lines 9 and 10) 

the states and data handle (Page 4, line 12) 

the computation of said (Page 4, line 16) 
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Claims 2-14 mirror the deficiencies of claim 1 and is also rejected. 
Claims 17-18 mirror the deficiencies of claim 16 and is also rejected. 
Appropriate correction is required 

Claim Rejections - 35 USC § 101 

6. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 15 rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. 

Claim 15, recites a "A system for distribution of applications... " ; that has been 
reasonably interpreted as computer program, component, file per se. In this claim the 
function of the program is just software, not any hardware. Claim 15 fails to recite the 
"system" as stored on an appropriate computer readable device, which defines 
structural and functional interrelationships between the software and other components 
of a computer that permit the software's functionality to be realized-see MPEP 
2106.01(1), Therefore, Claim 15 is rejected as non-statutory. 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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Claims 1-18 are Rejected under 35 U.S.C. 102(e) as being anticipated by 
Ramaswamy et al, US 2004/0088587 A1 

Claim 1 , Ramaswamy teaclies a metliod for determining the operational 
characteristics of a program , charact e r i z e d i n that i t compr i s e s comprising a verification 
procedure comprising the following steps (Paragraph 001 1 , user verification 
step/operation): a first step comprising: 

expressing the operational characteristics of the program as functions dealing 
with occurrences or sequences of occurrences of events which may occur during 
possible executions of the program (Paragraph 0043, Fig. 1 illustrates verification 
engine 114-1 to 114-N represent the number of verification object families or types) , 
said events being able to deal with particular operations, particular values, at particular 
program points and in particular states of the program (Paragraph 0043, Fig. 1, context 
108 records illustrates all relevant variables for the verification process); 

determining a possible level of precision with which these characteristics must be 
determined (Fig. 7 illustrates client 102 and 702-716 where level of verification process 
starts); 

determining a possible set of particular contexts of execution in which the 
program will always be executed ( see abstract. Paragraph 001 1 and 0012 during 
verification process and operations of an application specific requirements used by user 
to verify program policy); 
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determining possible operational specificities of a set of platforms on which the 
program will be executed (Paragraph 0082, Fig. 2 computer system (server) 204 specify 
a set of platform); 

a second step of estimation, by program analysis, and in consideration of said 
possible level of precision (Fig. 7 illustrates client 102 and 702-716 where level of 
verification process), of said possible set of particular contexts of execution and of said 
possible operational specificities of platforms (Paragraph 0082 Fig. 2 computer system 
(server) 204 and Fig. 7 server 104), of information relating to the structure of the 
program, the possible execution paths of the program and to the values of possible data 
(Paragraphs 0075-0079), at various points of the execution paths and under different 
execution conditions, of the states and data handled by the program (Paragraph 0046, 
0102-0104 verification process contain various operations, conditions where states are 
defined) ; 

a third step for determining said operational characteristics, by means of the 
information extracted by said program analysis (Fig. 7 illustrates client 102 and 702-716 
verification process determines the operation characteristics), by the computation of 
said functions on the occurrences or particular sequences of occurrences of particular 
operations (Paragraph 0043, Fig. 1 illustrates verification engine 114-1 to 114-N 
represent the number of verification families or types), dealing with particular values, at 
particular points of the program(Paragraphs 0075-0079), in particular states of the 
program, for the set of execution paths determined by analysis (Paragraph 0046, 0102- 
0104, Fig. 7, 702-716). 
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Claim 2, Ramaswamy teaclies charact e r i z e d i n that w herein , in the case when 
the program is interactive and may depend on an undetermined number of dynamic 
values resulting from this interaction, the contexts of execution are given by a 
description abstracted from the possible series of data representing said dynamic 
values (Paragraph 0030, 0094 and Fig. 5A and 5B Illustrates a verification policy). 

Claim 3, Ramaswamy teaches, charactor i zod i n that wherein , in the case where 
the program is inserted into a framework of execution (see abstract) , 
said second step of estimation comprises the static analysis (Paragraph 0090) which 
also take Into account the semantics of this framework of execution, Including the 
possible Implicit Interaction loops of the program (Fig. 6 illustrates account 604 
verifications with mismatches Accept 606 or Reject 608) 

Claim 4, Ramaswamy teaches charactor i zod i n that w herein certain of said 
particular operations (which form events, accompanied by constraints on the values 
handled, the execution points, and the statuses of the program) are defined as one of 
the following actions (see abstract where authentication process takes many 
steps/operations): 

call to a given routine, access to a given variable, reading or writing on a given 
port, computation of a given arithmetic expression (Paragraph 0102), completion of 
execution of the program or of a routine (on a normal return or ending an exception). 
(Paragraph 0011 and 0012) 

Claim 5, Ramaswamy teaches charact e r i z e d i n that w herein certain of said static 
analysis consist of abstract interpretations of the program (Fig. 6), on abstract domains 



Application/Control Number: 10/585,101 Page 7 

Art Unit: 2192 

which may notably represent possible sets of values and symbolic expressions 
(Paragraph 0102). 

Claim 6, Ramaswamy teaches charact e r i z e d i n that w herein said extracted 
information are represented by means of one or more of the following structures (see 
abstract): status graph of the program, inheritance graph, graph of the routine calls of 
the program, control flow chart of each routine of the program, structure of loops and 
catch-up of exceptions, structure of basic blocks, abstraction of the status of the 
program at an execution point (Fig. 6 illustrates four state transition for verification 
policy). 

Claim 7, Ramaswamy teaches charQctor i zod i n that wherein said extraction of 
information does not apply to unnecessary information for determining the operational 
characteristics (Paragraph 0034), both from the viewpoint of the amount of information 
extracted and from the precision of these pieces of Information (Paragraph 0033). 

Claim 8, Ramaswamy teaches character i zed i n that wherein onlv ^ major 
pieces of information among said extracted information are computed and saved and in 
that the other pieces of information are only computed when necessary for determining 
said operational characteristics (Paragraph 0034, 0035). 

Claim 9, Ramaswamy teaches charact e r i z e d i n that wherein the major pieces of 
Information are information extracted at the breakdown nodes of the code of tl=»e 
routines in a graph of basic blocks and in that the other pieces of information (in the 
body of the basic blocks) are recomputed by local analysis from information saved at 
the start and end of the corresponding block (Paragraph 0103-0106). 
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Claim 10, Ramaswamy teaches charact e r i z e d i n that w herein said operational 
characteristics represent validity criteria and in that said determination establishes that 
the program is valid (Fig. 6, if Account 604 matches and no mismatch it Accept 606 
verification) (because it observes each of said criteria), or invalid 
(because at least one of said criteria cannot be observed) (Fig. 6, Reject 608 if there are 
any mismatch of verifications). 

Claim 1 1 , Ramaswamy teaches charact e r i z e d i n that w herein said validity criteria 
express security or interoperability rules (Fig. 6 and Paragraph 0039). 

Claim 12, Ramaswamy teaches charact e rized in that wherein said operational 
characteristics characterize (see abstract) the resources which are consumed and ^ 
functionalities which are exploited by the program during its execution and in that said 
determination provides an execution profile of the program (Paragraph 0029). 

Claim 13, Ramaswamy teaches charact e rized in that wherein tt^ a computation 
of certain of said functions associated with the operational characteristics is performed 
during said static program analysis, as soon as certain of said pieces of information are 
extracted (Paragraph 0036). 

Claim 14, Ramaswamy teaches Application of the method according to claim 10 
for automatic filtering of a set of programs relative to a given set of validity criteria 
(Paragraph 0036), charact e r i z e d i n that w herein the extraction of information by static 
program analysis is only completed once per program and reused whenever necessary 
for determining whether the program observes said set of validity criteria (Paragraph 
0040-0042). 
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Claim 15, Ramaswamy teaches A system for distribution of applications ensuring 
that the applications observe validity criteria associated with the execution platforms of 
these applications (see abstract), charact e r i z e d i n that i t compr i s e s comprising filtering 
means designed such that, for any client desiring to accede to the applications for a 
certain execution platform, the applications are filtered by a verification procedure (Fig. 
7 illustrates the verification process) 

in accordance with the method according to any one of claims 1 to 12, only the 
applications which observe the validity criteria for said platform being presented to the 
client (same art rationale apply as per claim 1 ). 

Claim 16, Ramaswamy teaches a system for multi- application execution 
ensuring that the applications observe given validity criteria, charact e r i z e d i n that i t 
compr i ses comprising: (see Abstract) 

An application analysis server, a server for validation of applications and a multi- 
application platform (Paragraph 0026), and 

Means for ensuring, prior to loading or execution of an application on the platform 
(Paragraph 0027 uses verification policy before processing): 

observance by this application of said validity criteria (Paragraph 0033 where 
verification objects are used for the purpose of verifying the identity of users) accord i ng 
to th e m e thod according to any on e of c l a i ms 1 to 12, th e an extraction of information 
being carried out on the application analysis server and an evaluation of said validity 
criteria being carried out on the server for validation of applications(Fig. 1 verification 
server 104, application 110), and 
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in the case when one of the validity criteria cannot be observed, ^ a failure of 
the loading or execution of the application (Paragraph 0006, the a change of the status 
of the system and an emission of a sound or visual signal to alert of failure of loading or 
execution (Paragraph 0039 where verification policies implements one or more 
verification objects), the means for ensuring observance by said application of said 
validity criteria executing a procedure comprising the following steps:- 

first step comprising: 

expressing the validity criteria of the program as functions dealing with occurrences or 
sequences of occurrences of events which may occur during possible executions of the 
program (Paragraph 0043, Fig. 1 illustrates verification engine 114-1 to 114-N represent 
the number of verification object families or types) , said events being able to deal with 
particular operations, particular values, at particular program points and in particular 
states of the program (Paragraph 0043, Fig. 1, context 108 records illustrates all 
relevant variables for the verification process);; 

determining a possible level of precision with which these validity criteria must be 
determined (Fig. 7 illustrates client 102 and 702-716 where level of verification process 
starts): 

determining a possible set of particular contexts of execution In which the 
program will always be executed ( see abstract. Paragraph 0011 and 0012); 
determining possible operational specificities of a set of platforms on which the 
program will be executed (Paragraph 0082, Fig. 2 computer system (server) 204 specify 
a set of platform); 
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a second step of estimation, by program analysis, and in consideration of said 
possible level of precision (Fig. 7 illustrates client 102 and 702-716 where leyel of 
verification process) , of said possible set of particular contexts of execution and of said 
possible operational specificities of platforms (Paragraph 0082 Fig. 2 computer system 
(server) 204 and Fig. 7 server 104) . of information relating to the structure of the 
program, the possible execution paths of the program and to the values of possible 
data, at various points of the execution paths and under different execution conditions, 
of the states and data handled by the program (Paragraph 0046, 0102-0104 verification 
process contain various operations, conditions where states are defined) ; 

a third step for determining said validity criteria, by means of the information 
extracted by said program analysis (Fig. 7 illustrates client 102 and 702-716 verification 
process determines the operation characteristics) , by the computation of said functions 
on the occurrences or particular sequences of occurrences of particular 
operations (Paragraph 0043, Fig. 1 illustrates verification engine 114-1 to 114-N 
represent the number of verification families or types), dealing with particular values, at 
particular points of the program, in particular states of the program, for the set of 
execution paths determined by analysis (Paragraph 0046, 0102-0104, Fig. 7, 
verification session between a verification client device and verification server 702- 
716). 

Claim 17, Ramaswamy teaches charactcr i zod i n that w herein the server for 
validation (Fig. 1, verification server 104) of applications is executed on the multi- 
application platform (Fig. 2, computer system server 204 consist of multiple application). 
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the application analysis server executing outside the platform (Paragraph 0043 where 
data manager 116, data stores 1 18,120 and 122 are outside of verification server 104). 

Claim 18, Ramaswamy teaches charact e r i z e d i n that w herein the application 
analysis server and the server for validation of applications are executed on the multi- 
application platform (Fig. 7 illustrates verification session between a verification client 
device and a verification server for validation policy and Fig. 2 server 204). 

Conclusion 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AHMED E. HUQ whose telephone number is (571)270- 
1515. The examiner can normally be reached on Monday-Friday 9:-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tuan Q. Dam can be reached on 571-272-3695. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
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Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

USPTO Customer Service Representative or access to the automated information 

system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Ahmed E Huq/ /Lewis A. Bullock, Jr./ 

Examiner, Art Unit 2192 Supervisory Patent Examiner, Art 

9/10/2008 Unit 2193 



